From f602f7ba5092a04edc4febcbbcf2239383f5b21c Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Tue, 5 Mar 2024 09:11:55 +0100
Subject: [PATCH] tls13: srv: Code improvements

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 library/ssl_tls13_server.c | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 4b6845d6c5..94ceee622e 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -218,20 +218,24 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket(
     ret = ssl->conf->f_ticket_parse(ssl->conf->p_ticket,
                                     session,
                                     ticket_buffer, identity_len);
-    if (ret == 0) {
-        ret = SSL_TLS1_3_PSK_IDENTITY_MATCH;
-    } else {
-        if (ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED) {
+    switch (ret) {
+        case 0:
+            ret = SSL_TLS1_3_PSK_IDENTITY_MATCH;
+            break;
+
+        case MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED:
             MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is expired"));
             ret = SSL_TLS1_3_PSK_IDENTITY_MATCH_BUT_PSK_NOT_USABLE;
-        } else {
-            if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) {
-                MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is not authentic"));
-            } else {
-                MBEDTLS_SSL_DEBUG_RET(1, "ticket_parse", ret);
-            }
+            break;
+
+        case MBEDTLS_ERR_SSL_INVALID_MAC:
+            MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is not authentic"));
+            ret = SSL_TLS1_3_PSK_IDENTITY_DOES_NOT_MATCH;
+            break;
+
+        default:
+            MBEDTLS_SSL_DEBUG_RET(1, "ticket_parse", ret);
             ret = SSL_TLS1_3_PSK_IDENTITY_DOES_NOT_MATCH;
-        }
     }
 
     /* We delete the temporary buffer */